How to Protect your Commercial Real Estate Transactions
Commercial lenders, brokers and investors should ensure they are working with title and closing partners who invest in cybersecurity protections to keep their funds safe.
As a participant in commercial real estate transactions, you are constantly exposed to financial and reputational risk from your title and closing partners. In 2021, the FBI estimated $2.4B in losses from business email compromise, with a significant portion of those losses coming from real estate wire fraud[1]. To ensure that your clients don’t fall victim to fraud, it is important to verify that your title partners have the following protections in place.
First, title agencies should offer the ability to communicate securely online without relying on unsecured email. Fraudsters often seek to monitor and hack into unsecured emails, allowing them to impersonate transaction participants and convince the parties to send funds to a fraudulent bank account. This cannot occur if the parties are able to place orders, communicate, and send documents back and forth in a secure online customer portal.
It is also important for your title and closing partners to work with a third-party technology provider, such as CertifID, that specializes in wire fraud prevention technology. These providers offer the ability to send wire instructions securely, validate the sender’s identity, verify bank details prior to sending funds, and even include insurance of up to $1M per wire. The American Land Title Association (ALTA) estimates that 1 in 3 real estate transactions are targeted for wire fraud[2]. Given that, you cannot afford to rely on title agencies’ internal wire verification procedures to keep your customers’ money safe.
The American Land Title Association (ALTA) estimates that 1 in 3 real estate transactions are targeted for wire fraud.
In addition to taking advantage of third-party wire fraud insurance, title agencies should maintain their own internal cybersecurity insurance with high coverage limits. It is crucial for this insurance to include social engineering coverage, as ALTA estimates that 75% of unrecoverable funds are sent by a title agency employee. Standard cybersecurity insurance will not cover this type of fraud, so it’s important to fully understand what type of coverage your title partners offer.
Title agents should also have strong internal policies and procedures to protect against cyber threats. These should include regular vulnerability testing to identify and fix any areas of IT weakness that could be targeted by fraudsters. Given that employees are often the entry point for wire fraud, it is also important for title agents to conduct frequent employee cybersecurity training. Ideally, this training is also paired with phishing testing, where employees regularly receive sample phishing emails to test whether or not they are successfully applying what they learned in training.
Finally, your title partners should offer the ability to conduct Remote Online Notary (RON) closings. RON closings involve closing packages being sent by encrypted email or secure API transfer, protecting your borrowers’ personal information. They also offer knowledge-based authentication to verify the identity of all signers, tamper-proof technology for the signed documents, and an audio-visual recording of the signing ceremony. Overall, they offer a more convenient and secure closing experience than traditional alternatives.
One way to identify title agencies who have chosen to invest in cybersecurity protections is to look for a SOC2, Type 2 audit certification. This is an extensive yearly audit of the company’s security, confidentiality and privacy controls by an accredited third party. Rather than having to rely on the agent’s own assertions, this certification provides you with the confidence that your partner has been thoroughly vetted by an external auditor.
At CSS Commercial Title, we employ all of these cybersecurity precautions to ensure that every transaction we work on is protected from fraud. When you partner with us, you can rest assured that your commercial transaction is being closed securely.
